Re[2]: Connection attempts

From: Lee Smallbone (lee@kechara.net)
Date: 04/21/01

• Next message: Anders Nordby: "Re: imap-uw"
• Previous message: Andrey Zakharchenko: "imap-uw"
• In reply to: Jim Durham: "Re: Connection attempts"
• Next in thread: Michael S Scheidell: "Re: Re[2]: Connection attempts"
• Reply: Michael S Scheidell: "Re: Re[2]: Connection attempts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sat, 21 Apr 2001 10:23:18 +0100
From: Lee Smallbone <lee@kechara.net>
To: Jim Durham <durham@w2xo.pgh.pa.us>

Hello Jim,

Monday, 23 April 2001, you wrote:

JD> On Mon, 23 Apr 2001, Michael S Scheidell wrote:

>> In local.freebsd.security, you wrote:
>> >
>> >Script kiddies..just ignore it and get used to it.
>>
>> I don't suggest ignoring the 'kiddies' that walk down the street trying to
>> see if my windows are open either.
>>
>> 80% of these systems have bveen compromized, and the owner doesn't even
>> know it.
>>
>> Wouldn't you like to take these systems off the net?
>> You want one of them to run against your system (if you miss a security
>> bulitin?)
>>
>> its easy enough to log and alert the isp.
>>
>>

JD> I don't know what you folks' experience has been, but I've had
JD> almost no luck with alerting ISPs to these problems. A lot of
JD> this stuff comes from Korea and Chekoslovokia and I get no
JD> responses from the ISPs.

 You should see my intrusion database... 93% from Korea, Taiwan and
 the likes. The rest from interesting places such as Hungaria. There
 is never any response from ISPs. Solution a) grin and bare it (is
 that really a solution though?). Solution b) actively firewall
 connections from these places (blanket bans are never a great idea
 though.)

 Solution c) anyone?

 This could make for an interesting debate.

Best regards,
 Lee Smallbone
 lee@kechara.net

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

---

• Next message: Anders Nordby: "Re: imap-uw"
• Previous message: Andrey Zakharchenko: "imap-uw"
• In reply to: Jim Durham: "Re: Connection attempts"
• Next in thread: Michael S Scheidell: "Re: Re[2]: Connection attempts"
• Reply: Michael S Scheidell: "Re: Re[2]: Connection attempts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Spammer keeps posting adverts for his spam-sending software. ... >individual is beyond comprehending any rational responses. ... troll will often morph to evade killfiles and many ISPs have rules against ... If a troll morphs in this manner, they can be - and many have been - ... (comp.os.linux.misc) Re: Publishing Nimda Logs ... they do have your billing address;-). ... > I usually get better responses from smaller ISPs and Universities. ... (Vuln-Dev) Re: Anyone else notice that Swen is slowing down? ... > reporting the infections as they come in when I'm at a terminal. ... > been getting human responses from abuse departments saying they are ... barring ISPs refusing to carry executables in email format. ... Support the EFF, they support you: http://www.eff.org/ ... (Debian-User) Re: Moving from hosted POP3 mail to Exchange ... One other thing to consider would be a backup SMTP server. ... Many ISPs will ... and there are 3rd party providers that do it at a low ... > Thanks Dennes and Fredly for your responses. ... (microsoft.public.windows.server.sbs) Re: Login attacks ... I have actually received responses. ... Not from China or Korea ... >ISPs about every other day. ... (Fedora)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > FreeBSD-Security  > 2001-04